Website Security: Prevention and Hack Response
Website security requires both proactive measures and a clear response plan. Tens of thousands of websites are compromised daily, and most breaches exploit one of a small set of preventable vulnerabilities. Reviewing your resource usage is also worthwhile, as compromised sites often generate abnormal server load.
How to prevent your website from being hacked
Most compromises happen for one of the following reasons:
Outdated software
Running an older, unpatched version of WordPress, a plugin, a theme, or a custom application is the most common attack vector. Attackers scan for known vulnerabilities in popular software versions.
- Keep WordPress, all plugins, and all themes updated to their latest versions.
- Remove plugins and themes you are not actively using.
- Enable automatic updates where possible.
Incorrect file permissions
Overly permissive file permissions (particularly 777) give attackers write access to files they should never be able to modify.
- Use 755 for directories and executable files.
- Use 644 for all other files.
- Never set 777 unless a specific process requires it, and remove it immediately after.
Weak passwords
Weak or reused passwords for cPanel, FTP, email, or the WordPress admin panel are easily cracked. Use a unique, randomly generated password for each service.
What to do if your website is hacked
If you detect unauthorized changes to your site, act quickly:
- Download your raw access logs from cPanel. Log in to cPanel, click Raw Access, and download the logs before they rotate. These logs help identify how and when the intrusion occurred.
- Change all passwords immediately. Reset your cPanel, FTP, email, and any CMS admin passwords.
- Submit a support ticket. Contact the web hosting support department and attach your log files. Include a description of what you observed, the date and time the attack was noticed, and any other relevant details. Our team will investigate and help you identify the source of the breach.
Note: Acting quickly preserves the log data needed for investigation. Raw access logs are rotated on a schedule and may not be recoverable after several days.
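The raw access logs are only useful if you can pull the relevant events out of them. The following shell script is an added example, not part of the original article or of cPanel, showing a first pass over a log in Apache/cPanel "combined" format: it finds IPs that hammered the WordPress login page, lists any request that executed a PHP file under the uploads directory (which should only ever serve static media), and reports when a given IP was first seen so you know how far back the investigation must reach. The log lines are constructed for the demo; the function names and the threshold of three POSTs are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original article): triage a raw access log
# in Apache/cPanel "combined" format. Assumes POSIX sh, awk, sort, mktemp.

# Constructed sample log: one request per line, combined format.
SAMPLE_LOG=$(mktemp)
cat > "$SAMPLE_LOG" <<'EOF'
203.0.113.7 - - [12/Mar/2024:02:14:01 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Mar/2024:02:15:10 +0000] "POST /wp-login.php HTTP/1.1" 200 2310 "-" "python-requests/2.31"
198.51.100.23 - - [12/Mar/2024:02:15:11 +0000] "POST /wp-login.php HTTP/1.1" 200 2310 "-" "python-requests/2.31"
198.51.100.23 - - [12/Mar/2024:02:15:12 +0000] "POST /wp-login.php HTTP/1.1" 200 2310 "-" "python-requests/2.31"
198.51.100.23 - - [12/Mar/2024:02:15:13 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "python-requests/2.31"
203.0.113.7 - - [12/Mar/2024:02:20:45 +0000] "GET /about/ HTTP/1.1" 200 4870 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Mar/2024:02:21:03 +0000] "POST /wp-content/uploads/2024/03/cache.php HTTP/1.1" 200 88 "-" "python-requests/2.31"
192.0.2.50 - - [12/Mar/2024:03:01:00 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
EOF

# In combined format with default awk splitting: $1 = client IP,
# $4 = "[timestamp", $6 = "\"METHOD", $7 = path, $9 = status code.

# IPs that POSTed to wp-login.php at least $2 times (default 3).
# Prints "<count> <ip>" per line, busiest first.
login_bursts() {
    threshold=${2:-3}
    awk -v t="$threshold" '
        $6 == "\"POST" && $7 == "/wp-login.php" { n[$1]++ }
        END { for (ip in n) if (n[ip] >= t) print n[ip], ip }
    ' "$1" | sort -rn
}

# Any request for a .php file under wp-content/uploads. That directory
# holds media only, so every hit here deserves a look, whatever the status.
php_in_uploads() {
    awk '$7 ~ /^\/wp-content\/uploads\/.*\.php/ {
        gsub(/\[/, "", $4); gsub(/"/, "", $6)
        print $1, $4, $6, $7, $9
    }' "$1"
}

# Timestamp of the first request from one IP: the earliest point the
# investigation (and the support ticket) needs to cover.
first_seen() {
    awk -v ip="$2" '$1 == ip { gsub(/\[/, "", $4); print $4; exit }' "$1"
}

echo "== login bursts (>= 3 POSTs) =="
login_bursts "$SAMPLE_LOG"
echo "== PHP executed under uploads =="
php_in_uploads "$SAMPLE_LOG"
echo "== first request from 198.51.100.23 =="
first_seen "$SAMPLE_LOG" 198.51.100.23
# $SAMPLE_LOG is left in place for inspection; remove it when done.
```

Run it against the file downloaded from Raw Access by replacing `$SAMPLE_LOG` with that path. The three outputs map directly onto what the support ticket asks for: the offending IP, what it touched, and when it started.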
After recovery
- Scan all files for malware using a plugin (such as Wordfence for WordPress) or a cPanel-based scanner.
- Restore from a clean backup if available and if the backup predates the compromise.
- Review file permissions across the account and correct any that are set to 777.
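The permission baseline from the prevention section (755 for directories, 644 for files, never 777) and the post-recovery audit step above are the same job done twice, so one script serves both. It is an added example, not part of the original article or of cPanel: it lists everything under a web root that is writable by "other" (which catches 777 as well as 666), then applies the baseline while re-marking the scripts you name as executable. It assumes a POSIX shell with find, chmod and mktemp; the demo tree it builds is constructed data.

```shell
#!/bin/sh
# Added example (not from the original article): audit and correct file
# permissions under a web root. Assumes POSIX sh, find, chmod, mktemp.

# Every entry under $1 that "other" can write to (777, 666, 757, ...).
list_world_writable() {
    find "$1" -perm -002 -print
}

# Number of such entries, for a quick pass/fail check.
count_world_writable() {
    list_world_writable "$1" | wc -l | tr -d ' '
}

# Apply the article's baseline: 755 for directories, 644 for regular
# files. Scripts that must stay executable are passed after the root
# and get 755 again once the sweep is done.
apply_baseline_perms() {
    root=$1
    shift
    find "$root" -type d -exec chmod 755 {} +
    find "$root" -type f -exec chmod 644 {} +
    for script in "$@"; do
        if [ -f "$script" ]; then
            chmod 755 "$script"
        fi
    done
}

# Build a throwaway web root (constructed demo data) with two mistakes:
# a 777 uploads directory and a 666 index.php.
make_demo_root() {
    d=$(mktemp -d)
    mkdir -p "$d/wp-content/uploads"
    printf '<?php // demo\n' > "$d/index.php"
    printf '#!/bin/sh\necho cron\n' > "$d/cron.sh"
    chmod 777 "$d/wp-content/uploads"
    chmod 666 "$d/index.php"
    printf '%s\n' "$d"
}

# Stand-alone run: audit, fix, audit again.
demo_root=$(make_demo_root)
echo "before: $(count_world_writable "$demo_root") world-writable entries"
list_world_writable "$demo_root"
apply_baseline_perms "$demo_root" "$demo_root/cron.sh"
echo "after:  $(count_world_writable "$demo_root") world-writable entries"
rm -rf "$demo_root"
```

On a real account, point `list_world_writable` at `public_html` first and read the list before running `apply_baseline_perms`: any process that genuinely needs write access (an uploads directory used by PHP, for example) should get the narrowest mode that works rather than being handed back 777.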